From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 900E71382C5 for ; Fri, 4 Dec 2020 02:19:01 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 026C7E090A; Fri, 4 Dec 2020 02:18:57 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 79A26E08FE for ; Fri, 4 Dec 2020 02:18:56 +0000 (UTC) Subject: Re: [gentoo-user] Switching default tmpfiles and faster internet coming my way. To: gentoo-user@lists.gentoo.org References: From: Michael Orlitzky Message-ID: <4b0dc38c-0f6e-208d-6187-c856a453aeae@gentoo.org> Date: Thu, 3 Dec 2020 21:18:49 -0500 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.5.0 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 8bit X-Archives-Salt: 92ed94d1-3fb2-4ab5-b531-b4d39010934b X-Archives-Hash: 810df12dac0c950d03470317239324ee On 12/3/20 8:40 PM, Dale wrote: > Howdy, > > I've mentioned I follow -dev to see what is coming around the corner. > There is a thread on there about switching tmpfiles packages for > security reasons.  I currently have sys-apps/opentmpfiles installed.  I > guess that is the default for openrc.  Someone mentioned > systemd-tmpfiles as a alternative that doesn't have the same security > problems. There's a full explanation here: http://michael.orlitzky.com/cves/cve-2017-18925.xhtml I'm a champion systemd hater, but you should switch to systemd-tmpfiles. There's no downside other than the name.